DETAILED ACTION 

This action is in response to the BPAI decision filed on 10/26/2011. After thorough search, 
application history, BPAI decision review and in light of the prior art made of the record, claims 
1-4, 9, 10, 13, 15-21, 23, 27, 28 and 30-34 are allowed. 



EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Romiwa Akpala (Reg. No. 59,775) on 01/19/2012. Please see the Interview summary form for 
details. 

The application has been amended as follows: 

1. (Currently Amended) A method of effecting secure communications between a 
server and a client, the server executed in a server computer, the method comprising: 

detecting, at the server computer, a client connection at a first port; 

providing, by the server computer, the client with a decoy port number; and 

providing, by the server computer, services to the client on a second port having a second 
port number that is mapped to the decoy port number, wherein the second port 
number is different from the decoy port number; and maintaining, in the server computer, 
a table of available decoy port numbers that are mapped to valid port numbers wherein the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, 
terminating execution of the server on the second port. 

2. (Previously Presented) A method as defined in Claim 1, wherein the decoy port 
number is provided to the client by the operation of a routine that is associated with the server, 
the routine executed in the server computer. 

3. (Original) A method as defined in Claim 2, further comprising: launching the server on the 
second port; and 

monitoring the second port for a connection by the client. 

4. (Original) A method as defined in Claim 3, further comprising: if there is no connection by the 
client within a predetermined time interval, terminating execution of the server on the second 
port. 

5. (Cancelled) 

6. (Cancelled) 

7. (Cancelled) 

8. (Cancelled) 

9. (Currently Amended) A computer system comprising: 

a plurality of ports, each port having a respective port number; a server application; and a 
routine that, if executed, is operative to: 

detect a client connection at a first port; provide the client with a decoy port number; and 
provide services to the client on a second port having a second port number that is mapped to the 
decoy port number, wherein the second port number is different from the decoy port number; 

maintaining, in the server computer, a table of available decoy port numbers that are 
mapped to valid port numbers wherein the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, terminating 
execution of the server on the second port. 

10. (Original) A computer system as defined in Claim 9, wherein the routine, if executed, is 
operative to: 

launch the server application on the second port; and 
monitor the second port for a connection by the client. 

11. (Cancelled) 

12. (Cancelled) 

13. (Original) A computer system as defined in Claim 12, wherein the routine, if executed, is 
operative to: 

launch the server application on the second port subsequent to providing the decoy port 
number to the client. 

14. (Cancelled) 

15. (Currently Amended) A server computer system comprising: a plurality of ports, each port 
having a respective port number; a first server application; and 

a first routine that is associated with the first server application and that, if executed, is 
operative to: detect a client connection at a first port; transmit a decoy port number to the client; 
terminate the connection to the first port; and 

provide services to the client on a second port having a second port number that is 
mapped to the decoy port number, the second port number being a valid port number that is 
different from the decoy port number; 

a second server application; and 

a second routine that is associated with the second server application and that, if 
executed, is operative to: detect a client connection at a third port; transmit a second 
decoy port number to the client; terminate the connection to the third port; and provide 
services to the client on a fourth port having a fourth port number that is 
mapped to the second decoy port number, the fourth port number being 
another valid port number that is different from the second decoy port number; maintaining, in 
the server computer, a table of available decoy port numbers that are mapped to valid port 
numbers wherein the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, terminating 
execution of the server on the second port. 

16. (Previously Presented) A server computer system as defined in Claim 15, wherein the first 
routine and the second routine, if executed are operable, respectively, to: 

terminate execution of the first server application on the second port if there is no client 
connection within a predetermined time interval; and 

terminate execution of the second server application on the fourth port if there is no client 
connection within a predetermined time interval. 

17. (Currently Amended) A method executed by a client computer, comprising: attempting to 
access a server application on a first port of a server computer; receiving, from the server 
computer, a decoy port number that is an invalid port number; translating the decoy port number 
to a valid port number; and connecting to the server application on the valid port number; and 
maintaining, in the server computer, a table of available decoy port numbers that are mapped to 
valid port numbers wherein the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, terminating execution 
of the server on the second port. 

18. (Previously Presented) A method as defined in Claim 17, wherein the decoy port number is 
translated using a wrapper script associated with a client application in the client computer. 

19. (Previously Presented) A method as defined in Claim 17, wherein the decoy port number is 
translated using code embedded in a client application in the client computer. 

20. (Previously Presented) A method as defined in Claim 17, further comprising: mapping the 
decoy port number to an intermediate port number; and effecting an offset to the intermediate 
port number to produce the valid port number. 

21. (Currently Amended) A computer system comprising: a plurality of ports, each port having a 
respective port number; an application; and 

means for effecting secure access to the application by redirecting a client from a first 
port to a second port, wherein the means for effecting secure access comprises: 

a routine that, if executed, is operable to provide the client with a decoy port number that 
maps to a second port number of the second port, wherein the decoy port number is an invalid 
port number and the second port number is a valid port number; and maintaining, in the server 
computer, a table of available decoy port numbers that are mapped to valid port numbers wherein 
the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, terminating execution 
of the server on the second port. 

22. (Cancelled) 

23. (Currently Amended) An article comprising a non-transitory machine-readable storage 
medium that comprises instructions that, if executed, cause a server computer to: 

detect a connection at a first port of the server computer by a client application; 
transmit, to the client application, a decoy port number, wherein the decoy port number is 
an invalid port number; and 

cause a server application in the server computer to be launched at a second port that has a 
second port number mapped to the decoy port number, the second port number being a valid port 
number; and maintaining, in the server computer, a table of available decoy port numbers that 
are mapped to valid port numbers wherein the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, terminating 
execution of the server on the second port. 

24. (Cancelled) 

25. (Cancelled) 

26. (Cancelled) 

27. (Currently Amended) A client/server system comprising: a server computer system; and 

a server application installed on the server computer system and comprising instructions 
that, if executed on the server computer system, are effective to: detect a connection at a first 
port by a client application; transmit, to the client application, a decoy port number, wherein 
the decoy port number is an invalid port number; 

terminate the connection on the first port; and 

provide services to the client application on a second port having a second port 
number that is mapped to the decoy port number; and maintaining, in the server 
computer, a table of available decoy port numbers that are mapped to valid port numbers wherein 
the table 
maintained in the server computer corresponds to a second table maintained at a client 
computer on which the client is executed, the second table mapping decoy numbers to 
valid port numbers at the client computer; monitoring the second port for a 
connection by the client, and 

if there is no connection by the client within a predetermined time interval, terminating execution 
of the server on the second port. 

28. (Previously Presented) A client/server system as defined in Claim 27, further comprising: 

a client computer system; and 

a client application installed on the client computer system and comprising instructions 
that, if executed on the client computer system, are effective to: attempt to access the server 
application on the first port; translate the decoy port number to the second port number; and 
connect to the server application on the second port. 

29. (Cancelled) 

30. (Previously Presented) A client/server system as defined in Claim 28, wherein the client 
application further comprises instructions that, if executed on the client computer system, are 
effective to: 

map the decoy port number to an intermediate port number, and 
impart an offset to the intermediate port number so as to derive the second port number. 

31. (Previously Presented) The method as defined in Claim 1, wherein providing the decoy port 
number comprises providing the decoy port number that has no meaning to an 
unauthorized client computer, but the decoy port number is mappable to the second port number 
by an authorized client computer. 

32. (Previously Presented) The computer system as defined in Claim 12, wherein the decoy port 
number provided to the client enables the client to map, using a second table associated with the 
client, the decoy port number to the second port number such that the client can connect to the 
computer system at the second port number. 

33. (Previously Presented) The computer system as defined in Claim 9, wherein the decoy port 
number has no meaning to an unauthorized client computer, but the decoy port number is 
mappable to the second port number by an authorized client computer. 

34. (Previously Presented) The article of Claim 23, wherein the decoy port number is 
meaningless to an unauthorized client computer, but the decoy port number is mappable to the 
valid port number by an authorized client computer. 
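
The exchange recited in claims 1, 15, 17 and 20, as an added illustration that is not part of the Office action or the application: a server hands out a decoy number on a first port, a client holding the corresponding table translates it (intermediate number plus offset) and connects on the second port, and the server gives up on the second port after a timeout. The function names, the `OFFSET` and `DECOY_BASE` values, the wire format and the use of loopback sockets are all assumptions made for the sketch.

```python
import socket, threading

OFFSET = 7          # assumed offset known to both sides (claim 20 style)
DECOY_BASE = 70000  # assumed: above 65535, so never a valid TCP port

def listen_local():
    s = socket.socket(); s.bind(("127.0.0.1", 0)); s.listen(1)
    return s

def make_tables(valid_ports):
    """Server table maps decoy -> valid port; client table maps decoy -> intermediate."""
    server = {DECOY_BASE + i: p for i, p in enumerate(valid_ports)}
    client = {d: p - OFFSET for d, p in server.items()}
    return server, client

def translate(client_table, decoy):
    return client_table[decoy] + OFFSET

def serve(first, second, decoy, timeout, result):
    conn, _ = first.accept()
    conn.sendall(str(decoy).encode())
    conn.close()                      # terminate the first-port connection
    second.settimeout(timeout)        # monitor the second port
    try:
        c, _ = second.accept()
        c.sendall(b"service data"); c.close()
        result.append("served")
    except socket.timeout:
        result.append("terminated")   # no client within the interval
    finally:
        second.close()

def run_exchange(client_has_table, timeout=0.5):
    # Second port is bound up front only so the constructed table can name a free port.
    first, second = listen_local(), listen_local()
    srv_table, cli_table = make_tables([second.getsockname()[1]])
    decoy, result = next(iter(srv_table)), []
    t = threading.Thread(target=serve, args=(first, second, decoy, timeout, result))
    t.start()
    with socket.create_connection(first.getsockname()) as c:
        got = int(c.recv(16))
    data = None
    if client_has_table:              # only a client with the second table can translate
        with socket.create_connection(("127.0.0.1", translate(cli_table, got))) as c:
            data = c.recv(64)
    t.join(); first.close()
    return got, result[0], data
```

The decoy only hides the second port number from a client that lacks the table; it does not authenticate whoever connects to that port within the interval.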



Reasons for Allowance 

The following is an examiner's statement of reasons for allowance: The closest prior arts 
Yarborough and Hipp alone or in combination do not teach or suggest applicant's invention, 
"providing, by the server computer, the client with a decoy port number; and providing, by the 
server computer, services to the client on a second port having a second port number that is 
mapped to the decoy port number, wherein the second port number is different from the decoy 
port number; and maintaining, in the server computer, a table of available decoy port numbers 
that are mapped to valid port numbers wherein the table maintained in the server computer 
corresponds to a second table maintained at a client computer on which the client is executed, the 
second table mapping decoy numbers to valid port numbers at the client computer; monitoring 
the second port for a connection by the client, and if there is no connection by the client within a 
predetermined time interval terminating execution of the server on the second port" as claimed 
in independent claim 1 and similarly in independent claims 9, 15, 17, 21, 23 and 27. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to UMAR CHEEMA whose telephone number is (571)270-3037. 
The examiner can normally be reached on M-F 8:30AM-5:00PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Peter-Anthony Pappas can be reached on 571-272-7646. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Umar Cheema/ 
Examiner, Art Unit 2444 

/Djenane M Bayard/ 

Primary Examiner, Art Unit 2444 



